gdpr_rails 0.2.1 → 0.2.2

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: bdac527992aa3750ca683a3b17605e9f5726b4bf
4
- data.tar.gz: b020e00e20481d8c6eea547fefe3534015ad263a
3
+ metadata.gz: 6181a2509e31b54aae04f5200f9379312f252826
4
+ data.tar.gz: 8368d29d88f66c2829cf21f3818bbffb3bc0010e
5
5
  SHA512:
6
- metadata.gz: 758502951aaf60f3168c55c95938462dc9cf1433ae7fc0dc259a4a746a7d371eadc71b04b5c85605b3a8bc84accee94dfd6f614a2b982085b520a4ba387061e7
7
- data.tar.gz: 8630dddce297c8bd2be235bac6eb52c385c968ca42f7db3961605e72d87784be9733b7bb1d66a53a336f852db6e52f9fd0ab32a86c2597c44c7b15206ef7e1ea
6
+ metadata.gz: 6a64af678175901f4d3557512b6f6c6f714a28aea94339dcbf749039f2f28c0a95fab855e654caf8b7ff34bb6e5172d1ff55d84033e9931decdeed15f586a7dd
7
+ data.tar.gz: 14be1400c6c09ef867262e9bed12d286072a9774c95067c42b880e870cb759c8ebd6ee3e81c0a0c075d6db7c80fc5f604ad19cb47946fe4d13c2ad301ad6ed94
data/README.md CHANGED
@@ -33,7 +33,7 @@ Portability module lets you define export options, that will generate a navigabl
33
33
  + Behind the scenes uses the paperclip gem in which you can set up storages, like S3, Google
34
34
 
35
35
  #### Scripts & Cookies
36
- Configurable *scripts* which will bind cookie names in order to handle the script rendering and the cookie clean up.
36
+ Configurable *scripts* which will bind cookie names in order to handle the script rendering and the cookie clean up.
37
37
 
38
38
  #### Forgetability
39
39
  + TBD, for now we simply delete all the data when a user closes the account. This could be handled in the future with encryption like in emails or other kind of sensible fields on a database.
@@ -42,11 +42,11 @@ Configurable *scripts* which will bind cookie names in order to handle the scrip
42
42
  ![admin panel](./panel.jpg)
43
43
 
44
44
  ## Installation
45
- Add this line to your application's Gemfile:
45
+ Add this line to your application's Gemfile:
46
46
 
47
47
  as `gem 'gdpr_rails'`
48
48
 
49
- Then in your application.rb require the policy_manager lib with
49
+ Then in your application.rb require the policy_manager lib with
50
50
 
51
51
  `require "policy_manager"`
52
52
 
@@ -57,20 +57,26 @@ Install & run the migrations
57
57
  ## Usage examples
58
58
 
59
59
  ### Basic config
60
+
60
61
  ```ruby
61
- config = PolicyManager::Config.setup do |c|
62
+ config = PolicyManager::Config.setup do |c|
62
63
  c.logout_url = "logout"
63
64
  c.from_email = "admin@acme.com"
64
65
  c.admin_email_inbox = "foo@baaz.org"
65
- # is_admin method in order for engine to know
66
- # how to authorize admin only areas
67
- c.is_admin_method = ->(o){
66
+
67
+ c.user_resource = User # defaults to User
68
+ c.admin_user_resource = AdminUser # defaults to User
69
+ # is_admin method in order for engine to know
70
+ # how to authorize admin only areas
71
+ c.is_admin_method = ->(o){
68
72
  o.is_god? || o.is_admin? || o.is_me? || o.watheva
69
73
  }
74
+
75
+ end
70
76
  ```
71
77
 
72
- In order for this engine to work you must supply some rules according to your needs, in order to be in comply with the GDPR you will need 3 rules at least. A cookie consent, a Privacy& TOS and an Age confirmation (+16).
73
- So, let's start by doing that:
78
+ In order for this engine to work you must supply some rules according to your needs, in order to be in comply with the GDPR you will need 3 rules at least. A cookie consent, a Privacy& TOS and an Age confirmation (+16).
79
+ So, let's start by doing that:
74
80
 
75
81
  ## Term rules
76
82
 
@@ -80,6 +86,14 @@ In your app router add the following:
80
86
  mount PolicyManager::Engine => "/policies"
81
87
  ```
82
88
 
89
+ Then add the concern to your `User` model:
90
+
91
+ ```ruby
92
+ class User < ApplicationRecord
93
+ include PolicyManager::Concerns::UserBehavior
94
+ end
95
+ ```
96
+
83
97
  Then add an initializer, `config/initializers/gdpr.rb` and inside it set your policy rules.
84
98
 
85
99
  ```ruby
@@ -125,7 +139,7 @@ When the policies are configured will generate some helper methods on User model
125
139
  + **validates_on:** will require users validation, will automagically create virtual attributes for the policy you set, so, if you set `age` in your config you must supply in your forms a `policy_rule_age` checkbox in your form, if you don't supply those then the user validation will return errors on `policy_rule_age` . Don't forget to add the fields in your strong params in the controller which handles the request.
126
140
  + **if:** you can add conditions as a Proc in order skip validations:
127
141
  ```ruby
128
- c.add_rule({name: "age", validates_on: [:create, :update],
142
+ c.add_rule({name: "age", validates_on: [:create, :update],
129
143
  if: ->(o){ o.enabled_for_validation } })
130
144
  ```
131
145
  + **on_reject**: Proc which will be triggered when user rejects a policy (has an argument that contains the controller context)
@@ -138,10 +152,10 @@ When the policies are configured will generate some helper methods on User model
138
152
  c.add_rule({name: "cookie", sessionless: true, on_reject: ->(context){
139
153
  PolicyManager::Script.cookies
140
154
  .select{|o| !o.permanent }
141
- .each{|o|
142
- o.cookies.each{|c|
143
- context.send(:cookies).delete(c, domain: o.domain)
144
- }
155
+ .each{|o|
156
+ o.cookies.each{|c|
157
+ context.send(:cookies).delete(c, domain: o.domain)
158
+ }
145
159
  }
146
160
  }
147
161
  })
@@ -149,7 +163,7 @@ When the policies are configured will generate some helper methods on User model
149
163
 
150
164
  #### Policy handling:
151
165
 
152
- There are some endpoints that will handle json in order to interact with client applications, like react interfaces, $.ajax etc.
166
+ There are some endpoints that will handle json in order to interact with client applications, like react interfaces, $.ajax etc.
153
167
  you can also use the html web panel directly from the engine.
154
168
  So, if the Engine was mounted on `/policies` then your routes will be:
155
169
 
@@ -163,9 +177,9 @@ So, if the Engine was mounted on `/policies` then your routes will be:
163
177
 
164
178
  ## Scripts & Cookies
165
179
 
166
- This is supposed to in mix with your declared cookie term. So, this configuration let's you declare your external scripts that are related with tracking, ie: Google Analytics, Kissmetrics, Google Tag manager, etc... This configuration expects that you declare scripts that will be rendered over certain contexts (environments) and have the names (and domains) of the cookies that those scripts generates.
180
+ This is supposed to in mix with your declared cookie term. So, this configuration let's you declare your external scripts that are related with tracking, ie: Google Analytics, Kissmetrics, Google Tag manager, etc... This configuration expects that you declare scripts that will be rendered over certain contexts (environments) and have the names (and domains) of the cookies that those scripts generates.
167
181
 
168
- #### example:
182
+ #### example:
169
183
  ```ruby
170
184
  c.add_script(
171
185
  name: "google analytics",
@@ -198,11 +212,11 @@ Export option & Portability rules will allow you to set up how and which data yo
198
212
  + **resource**: which model , ie: `User`
199
213
  + **index_template**: The first page. defaults to a simple ul li list of links tied to your rules, this expects a Pathname or a String with yout template
200
214
  + **layout**: A layout template to wrap the static site, this expects a Pathname or a String with your template
201
- + **after_zip**: a callback to handle the zip file on the resource, something like:
215
+ + **after_zip**: a callback to handle the zip file on the resource, something like:
202
216
  ```ruby
203
- after_zip: ->(zip_path, resource){
204
- puts "THIS IS GREAT #{zip_path} was zipped, now what ??"
205
- }
217
+ after_zip: ->(zip_path, resource){
218
+ puts "THIS IS GREAT #{zip_path} was zipped, now what ??"
219
+ }
206
220
  ```
207
221
 
208
222
  + **mail_helpers**: If you have some helpers you want to add to the mailers, then you can pass an Array of helpers, `[MailHelper, OtherMailHelper]`,
@@ -219,17 +233,17 @@ and will auto paginate records
219
233
  PolicyManager::Config.setup do |c|
220
234
 
221
235
  # minimal exporter setup
222
- c.exporter = {
223
- path: Rails.root + "tmp/export",
224
- resource: User
236
+ c.exporter = {
237
+ path: Rails.root + "tmp/export",
238
+ resource: User
225
239
  }
226
240
 
227
241
  # portability rules, collection render. This will call a @user.articles
228
242
  # and will auto paginate records
229
243
  # template expects a string or path
230
244
  c.add_portability_rule({
231
- name: "exportable_data",
232
- collection: :articles,
245
+ name: "exportable_data",
246
+ collection: :articles,
233
247
  template: "hello, a collection will be rendered here use @collection.to_json",
234
248
  per: 10
235
249
  })
@@ -237,9 +251,9 @@ PolicyManager::Config.setup do |c|
237
251
  # portability rules, member render. This will call a @user.account_data
238
252
  # template expects a string or path
239
253
  c.add_portability_rule({
240
- name: "my_account",
254
+ name: "my_account",
241
255
  member: :account_data,
242
- template: "hellow , here a resource will be rendered <%= @member.to_json %> "
256
+ template: "hellow , here a resource will be rendered <%= @member.to_json %> "
243
257
  })
244
258
 
245
259
  end
@@ -269,7 +283,7 @@ portability_request DELETE /portability_requests/:id(.:format)
269
283
 
270
284
 
271
285
  # TO DO
272
- + anonimyzer
286
+ + anonimyzer
273
287
 
274
288
  #### Acknowledgments
275
289
  + [Prey Team](https://github.com/orgs/prey/people)
@@ -13,7 +13,7 @@ module PolicyManager
13
13
  end
14
14
 
15
15
  def user_authenticated?
16
- if current_user.blank?
16
+ if !current_user
17
17
  render :file => "public/401.html", :layout => false, :status => :unauthorized
18
18
  end
19
19
  end
@@ -22,6 +22,14 @@ module PolicyManager
22
22
  I18n.locale = Config.user_language(current_user)
23
23
  end
24
24
 
25
+ def current_user
26
+ @_current_user ||= super || (Config.has_different_admin_user_resource? && admin_user)
27
+ end
28
+
29
+ def admin_user
30
+ self.send("current_#{Config.admin_user_resource.name.underscore}")
31
+ end
32
+
25
33
  protect_from_forgery with: :exception
26
34
  end
27
35
  end
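Review bot: In the added `admin_user`, the helper name is built from `Config.admin_user_resource.name.underscore` and dispatched with `send`, which fails for a namespaced admin class: `Admin::User` underscores to `admin/user`, so the call becomes `current_admin/user` and raises NoMethodError. `send` also reaches private methods. Consider a configurable helper name (or a proc) and `public_send` guarded by `respond_to?`. Separately, `super || ...` in `current_user` means a regular user session always wins over an admin session in the same browser, and `||=` does not memoize a nil or false result, so unauthenticated requests repeat both lookups on every call.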
@@ -1,9 +1,9 @@
1
1
  module PolicyManager
2
2
  class ExporterJob < ApplicationJob
3
3
  queue_as :default
4
-
4
+
5
5
  def perform(user_id)
6
- user = User.find(user_id)
6
+ user = Config.user_resource.find(user_id)
7
7
  Config.exporter.perform(user)
8
8
  end
9
9
  end
@@ -3,7 +3,7 @@ module PolicyManager
3
3
 
4
4
  def progress_notification(portability_request_id)
5
5
  @portability_request = PortabilityRequest.find(portability_request_id)
6
- @user = User.find(@portability_request.user_id)
6
+ @user = Config.user_resource.find(@portability_request.user_id)
7
7
 
8
8
  opts = { :to => @user.email, :subject => I18n.t("terms_app.mails.progress.subject") }
9
9
  opts.merge!({
@@ -18,7 +18,7 @@ module PolicyManager
18
18
 
19
19
  def completed_notification(portability_request_id)
20
20
  @portability_request = PortabilityRequest.find(portability_request_id)
21
- @user = User.find(@portability_request.user_id)
21
+ @user = Config.user_resource.find(@portability_request.user_id)
22
22
  @link = @portability_request.download_link
23
23
 
24
24
  opts = { :to => @user.email, :subject => I18n.t("terms_app.mails.completed.subject") }
@@ -33,7 +33,7 @@ module PolicyManager
33
33
  end
34
34
 
35
35
  def admin_notification(user_id)
36
- @user = User.find(user_id)
36
+ @user = Config.user_resource.find(user_id)
37
37
 
38
38
  opts = { :to => Config.admin_email(@user), :subject => I18n.t("terms_app.mails.admin.subject", email: @user.email) }
39
39
  opts.merge!({
@@ -5,7 +5,7 @@ module PolicyManager
5
5
  class PortabilityRequest < ApplicationRecord
6
6
  include Paperclip::Glue
7
7
 
8
- belongs_to :user
8
+ belongs_to :user, class_name: Config.user_resource.to_s
9
9
 
10
10
  has_attached_file :attachment,
11
11
  path: Config.exporter.try(:attachment_path) || Rails.root.join("tmp/portability/:id/build.zip").to_s,
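Review bot: `class_name: Config.user_resource.to_s` on the changed `belongs_to :user` is evaluated once, when the model class is loaded. The default is only assigned inside `Config.setup` (`@@user_resource ||= User` after the yield), so if this model loads before the initializer has run, `Config.user_resource` is nil and the association is declared with an empty `class_name`. Either resolve the default in the reader (`user_resource || User`) or document that `setup` must run before any engine model is referenced. The same applies to the identical change in `UserTerm`.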
@@ -4,7 +4,7 @@ module PolicyManager
4
4
  class UserTerm < ApplicationRecord
5
5
  include AASM
6
6
 
7
- belongs_to :user
7
+ belongs_to :user, class_name: Config.user_resource.to_s
8
8
  belongs_to :term
9
9
 
10
10
  validates_uniqueness_of :term_id, :scope => :user_id
@@ -42,40 +42,43 @@
42
42
  <div class="sidebar-sticky">
43
43
  <ul class="nav flex-column">
44
44
  <% if PolicyManager::Config.is_admin?(current_user) %>
45
+
45
46
  <li class="nav-item">
46
47
  <a class="nav-link" href="<%= categories_path %>">
47
48
  <i class="fas fa-balance-scale"></i>
48
- <%= I18n.t("terms_app.menu.policies") %>
49
+ <%= I18n.t("terms_app.menu.policies") %>
49
50
  </a>
50
51
  </li>
51
- <% end %>
52
-
53
52
 
54
- <% if PolicyManager::Config.is_admin?(current_user) %>
55
53
  <li class="nav-item">
56
54
  <a class="nav-link" href="<%= portability_requests_path %>">
57
55
  <i class="fas fa-suitcase"></i>
58
56
  <%= I18n.t("terms_app.menu.portability_requests") %>
59
57
  </a>
58
+ </li
59
+
60
+ <% end %>
61
+
62
+ <% if current_user.is_a? PolicyManager::Config.user_resource %>
63
+
64
+ <li class="separator"></li>
65
+
66
+ <li class="nav-item">
67
+ <a class="nav-link" href="<%= pending_user_terms_path %>">
68
+ <i class="fas fa-user-secret"></i>
69
+ <%= I18n.t("terms_app.menu.user_pending_policies") %>
70
+ </a>
71
+ </li>
72
+
73
+ <li class="nav-item">
74
+ <a class="nav-link" href="<%= user_portability_requests_path %>">
75
+ <i class="fas fa-suitcase"></i>
76
+ <%= I18n.t("terms_app.menu.user_portability_requests") %>
77
+ </a>
60
78
  </li>
79
+
61
80
  <% end %>
62
81
 
63
- <li class="separator"></li>
64
-
65
- <li class="nav-item">
66
- <a class="nav-link" href="<%= pending_user_terms_path %>">
67
- <i class="fas fa-user-secret"></i>
68
- <%= I18n.t("terms_app.menu.user_pending_policies") %>
69
- </a>
70
- </li>
71
-
72
- <li class="nav-item">
73
- <a class="nav-link" href="<%= user_portability_requests_path %>">
74
- <i class="fas fa-suitcase"></i>
75
- <%= I18n.t("terms_app.menu.user_portability_requests") %>
76
- </a>
77
- </li>
78
-
79
82
  </ul>
80
83
 
81
84
  </div>
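Review bot: The added closing tag after the portability requests link is `</li` with no `>`, so the list item is left unterminated right before `<% end %>`. Change it to `</li>`. Also note that the user links are now gated on `current_user.is_a? PolicyManager::Config.user_resource`; with the default configuration (both resources `User`) an admin still sees all four entries, while a separate admin class sees only the first two, which is worth stating in the README.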
@@ -0,0 +1,124 @@
1
+ fr:
2
+ terms_app:
3
+ title: Gestionnaire de données personnelles
4
+ sub_title: Gestionnaire de données personnelles
5
+ sign_out: Se déconnecter
6
+ menu:
7
+ policies: Consentements
8
+ portability_requests: Demandes de portabilité
9
+ user_portability_requests: Mes demandes de portabilité
10
+ user_pending_policies: Consentements en attente de validation
11
+ misc:
12
+ back: Précédent
13
+ edit: Modifier
14
+ show: Afficher
15
+ save: Sauvegarder
16
+ download: Télécharger
17
+ are_you_sure: Êtes-vous certain(e) ?
18
+ states:
19
+ draft: Brouillon
20
+ published: Publié
21
+ categories:
22
+ index:
23
+ title: Traitements
24
+ table:
25
+ name: Intitulé
26
+ terms: Conditions
27
+ show: Afficher
28
+ show:
29
+ title: "%{name}"
30
+ new: Nouvelle condition
31
+ table:
32
+ id: ID
33
+ content: Contenu
34
+ state: Etat
35
+ updated_at: Modifié à
36
+ show: Afficher
37
+ terms:
38
+ index:
39
+ title: Conditions
40
+ button: Nouvelle condition
41
+ table:
42
+ description: Description
43
+ category: Traitement
44
+ updated_at: Modifié à
45
+ show: Afficher
46
+ edit: Modifier
47
+ destroy: Supprimer
48
+ new:
49
+ title: "Nouvelle condition pour %{name}"
50
+ state: Etat
51
+ description: Description
52
+ button: Bouton
53
+ error: Une erreur s'est produise lors de la création de la condition
54
+ created: Créée avec succès
55
+ updated: Modifiée avec succès
56
+ destroyed: Supprimée avec succès
57
+ edit:
58
+ title: Modifier la condition pour %{name}
59
+ state: Etat
60
+ description: Description
61
+ error: Enregistrement en cours
62
+ show:
63
+ title: Condition
64
+ last_update: dernière modification
65
+ table:
66
+ name: Intitulé
67
+ terms: Conditions
68
+ show: Afficher
69
+ user_terms:
70
+ pending:
71
+ title: Consentements en attente de validation
72
+ empty: Vous n'avez pas de constements en attent de validation
73
+ show:
74
+ accepted:
75
+ message: Consentement enregistré
76
+ question: Souhaitez-vous changer d'avis ?
77
+ reject: Refuser
78
+ not_now: Pas maintenant
79
+ pending:
80
+ message: Veuillez accepter ce traitement
81
+ agree: Accepter
82
+ not_now: Pas maintenant
83
+ user_portability_requests:
84
+ index:
85
+ title: Mes demandes de portabilité
86
+ empty: Vous n'avez pas de demande de portabilité
87
+ table:
88
+ state: Etat
89
+ file: Fichier
90
+ created_at: Créée à
91
+ destroy: Supprimer
92
+ button: Nouvelle demande de portabilité
93
+ states:
94
+ pending: En attente
95
+ progress: En cours de traitement
96
+ completed: Finalisée
97
+ has_pending: Vous avez déjà une demande de portabilité en cours, vous ne pouvez en avoir plus.
98
+ created: Votre demande de portabilité a bien été enregistrée.
99
+ portability_requests:
100
+ index:
101
+ title: Demandes de portabilité en attente
102
+ destroyed: Supprimée avec succès
103
+ empty: Il n'y a aucune demande de portabilité
104
+ table:
105
+ user: Utilisateur
106
+ state: Etat
107
+ created_at: Créée à
108
+ destroy: Supprimer
109
+ confirm: Confirmation
110
+ states:
111
+ pending: En attente
112
+ progress: En cours de traitement
113
+ completed: Finalisée
114
+ mails:
115
+ admin:
116
+ subject: L'utilisateur %{email} vient d'effectuer une demande de portabilité.
117
+ progress:
118
+ subject: Votre demande de portabilité est cours de préparation.
119
+ completed:
120
+ subject: Vos données sont disponibles.
121
+ will_paginate:
122
+ previous_label: "&lt;"
123
+ next_label: "&gt;"
124
+ page_gap: "&hellip;"
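Review bot: Several strings in the new locale need correcting before release: `terms.new.error` reads "s'est produise" (should be "s'est produite"), `user_terms.pending.empty` reads "constements en attent" ("consentements en attente"), and `mails.progress.subject` is missing "en" ("est en cours de préparation"). `terms.edit.error` is set to "Enregistrement en cours", which is a progress message rather than an error, and `terms.new.button` is the literal word "Bouton"; check both against the English locale. `terms.edit.title` is left unquoted while `terms.new.title` with the same `%{name}` placeholder is quoted, and "Etat" is unaccented next to "Êtes-vous".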
@@ -1,21 +1,29 @@
1
1
  module PolicyManager
2
2
  class Config
3
3
 
4
- mattr_accessor :exporter,
5
- :from_email,
4
+ mattr_accessor :exporter,
5
+ :from_email,
6
6
  :is_admin_method,
7
- :logout_url,
7
+ :logout_url,
8
8
  :user_language_method,
9
9
  :scripts,
10
10
  :admin_email_inbox,
11
- :error_notifier
11
+ :error_notifier,
12
+ :user_resource,
13
+ :admin_user_resource
12
14
 
13
15
  def self.setup
14
16
  @@rules = []
15
17
  @@portability_rules = []
16
18
  @@portability_templates = []
17
19
  @@scripts = []
20
+
18
21
  yield self
22
+
23
+ # sets this defaults after configuration
24
+ @@user_resource ||= User
25
+ @@admin_user_resource ||= User
26
+
19
27
  self
20
28
  end
21
29
 
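Review bot: `@@user_resource ||= User` (and the matching `admin_user_resource` line) stores the class object itself in a class variable. When the host app configures this from an initializer, the reference is captured at boot; with code reloading in development the `User` constant is replaced and `Config.user_resource` can keep pointing at the stale class, so the `is_a?` checks introduced elsewhere in this release would stop matching. Storing the class name as a String and calling `constantize` in the reader avoids that. The comment "sets this defaults" should read "sets these defaults".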
@@ -26,13 +34,21 @@ module PolicyManager
26
34
  def self.admin_email(user)
27
35
  @@admin_email_inbox.is_a?(Proc) ? @@admin_email_inbox.call(user) : @@admin_email_inbox
28
36
  end
29
-
37
+
30
38
  def self.exporter=(opts)
31
39
  @@exporter = Exporter.new(opts)
32
40
  end
33
41
 
34
42
  def self.is_admin?(user)
35
- @@is_admin_method.call(user)
43
+ if has_different_admin_user_resource?
44
+ user.is_a? admin_user_resource
45
+ else
46
+ @@is_admin_method.call(user)
47
+ end
48
+ end
49
+
50
+ def self.has_different_admin_user_resource?
51
+ user_resource != admin_user_resource
36
52
  end
37
53
 
38
54
  def self.user_language(user)
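Review bot: In the new `is_admin?`, the `has_different_admin_user_resource?` branch returns `user.is_a? admin_user_resource` and never calls `@@is_admin_method`, so a configured admin predicate is silently ignored and every record of the admin class is authorized for the admin-only areas. The README example in this release sets both `admin_user_resource` and `is_admin_method`, which suggests the lambda still applies. Either combine the checks (`user.is_a?(admin_user_resource) && @@is_admin_method.call(user)` when a method is configured) or document that the lambda is unused in this mode.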
@@ -1,3 +1,3 @@
1
1
  module PolicyManager
2
- VERSION = '0.2.1'
2
+ VERSION = '0.2.2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gdpr_rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Miguel Michelson
@@ -9,22 +9,28 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2018-05-04 00:00:00.000000000 Z
12
+ date: 2018-05-07 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
16
16
  requirement: !ruby/object:Gem::Requirement
17
17
  requirements:
18
- - - "~>"
18
+ - - ">="
19
19
  - !ruby/object:Gem::Version
20
20
  version: 5.1.4
21
+ - - "<"
22
+ - !ruby/object:Gem::Version
23
+ version: '5.3'
21
24
  type: :runtime
22
25
  prerelease: false
23
26
  version_requirements: !ruby/object:Gem::Requirement
24
27
  requirements:
25
- - - "~>"
28
+ - - ">="
26
29
  - !ruby/object:Gem::Version
27
30
  version: 5.1.4
31
+ - - "<"
32
+ - !ruby/object:Gem::Version
33
+ version: '5.3'
28
34
  - !ruby/object:Gem::Dependency
29
35
  name: tilt
30
36
  requirement: !ruby/object:Gem::Requirement
@@ -241,6 +247,7 @@ files:
241
247
  - app/views/policy_manager/user_terms/show.json.jbuilder
242
248
  - config/locales/en.yml
243
249
  - config/locales/es.yml
250
+ - config/locales/fr.yml
244
251
  - config/routes.rb
245
252
  - db/migrate/20180326193825_create_policy_manager_terms.rb
246
253
  - db/migrate/20180326193827_create_policy_manager_user_terms.rb